CN102510370A - File system authentication - Google Patents
File system authentication Download PDFInfo
- Publication number
- CN102510370A CN102510370A CN2011102915321A CN201110291532A CN102510370A CN 102510370 A CN102510370 A CN 102510370A CN 2011102915321 A CN2011102915321 A CN 2011102915321A CN 201110291532 A CN201110291532 A CN 201110291532A CN 102510370 A CN102510370 A CN 102510370A
- Authority
- CN
- China
- Prior art keywords
- file system
- distributed file
- applicable
- user identifier
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0407—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6236—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database between heterogeneous systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/104—Peer-to-peer [P2P] networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
Abstract
The present invention relates to file system authentication and, in particular, authentication of users for accessing files stored on a serverless distributed or peer-to-peer file system. Its objective is to preserve the anonymity of the users and to provide secure and private storage of data for users on a serverless distributed file system. It provides a method of authenticating access to a distributed file system comprising the steps of; receiving a user identifier; retrieving an encrypted validation record identified by the user identifier; decrypting the encrypted validation record so as to provide decrypted information; and authenticating access to data in the distributed file system using the decrypted information.
Description
To be the denomination of invention submitted on June 11st, 2007 be " to the method and the distributed file system of the access checking of distributed file system " 200780025361.X number divide an application to the application.
Technical field
The present invention relates to file system authentication, more specifically, the file that relates to being kept in distributed network or equity (peer-to-peer) file system carries out the user's of access checking.
Background technology
Distributed file system has advantage with respect to the traditional centralized file system, comprises fault-tolerant, availability, extensibility and performance with improvement.
A problem of known distributed file system is because user's password is stored on the server on the network, and after user's login, pass through Network Transmission, so user's anonymity to be affected.This just possible intercepting password, and the file that possibly use it for being distributed on the distributed file system carries out unwarranted access.
Another problem of known distributed file system is that the information about document location is stored on the network.This makes unwarranted user use this information to discern the position of file or file chunk more easily, thereby the file that is distributed on the reciprocity file system is carried out unwarranted access.
Summary of the invention
Theme of the present invention is protection user's a anonymity, and on distributed file system, for the user safe, privately owned storage is provided.
According to a first aspect of the invention, a kind of method that the access of distributed file system is verified is provided, it may further comprise the steps:
Receive user identifier;
Obtain encrypted validation record, said encrypted validation record is discerned by said user identifier;
Said encrypted validation record is deciphered, thereby the information of deciphering is provided; And
Use the information of said deciphering that the access of the data in the said distributed file system is verified.
Preferably, the node that carry out said reception on the said distributed file system, obtains with verification step is different from the node of carrying out said decryption step.
Preferably, this method also comprises the step of using hashing to generate user identifier.
Therefore, user identifier is unique, and is applicable to the affirmation record that identification is unique.
Preferably, the checking access step also comprises the step of carrying out digital signature with user identifier.
This just provides can be by the checking of believable authorities affirmation.
Preferably, this method comprises that also user identifier that use signs as the session pass, verifies with a plurality of accesses to distributed file system.
It allows the session of expansion is continued checking.
Preferably, decryption step comprises deciphers the address of first chunk in said distributed file system of data, and said verification step further comprises confirms the step of said first chunk in the existence at place, said address.
The task that this has combined checking effectively and has begun to obtain from system data.
Preferably, this method comprises and uses the content of first chunk to obtain more chunk from distributed file system.
Therefore, can not continue to have potential flimsy record in a position on distributed file system, because user node is constructed the database of its document location after signing in to system.
According to a second aspect of the invention, distributed file system is provided, it comprises:
Memory module is applicable to the affirmation record of storage encryption;
Client node, it comprises deciphering module, said deciphering module is applicable to be deciphered encrypted validation record, thereby the information of deciphering is provided; And
The check node, it comprises:
Receiver module, said receiver module is applicable to the reception user identifier;
Acquisition module is applicable to from said memory module and obtains encrypted validation record that said encrypted validation record is discerned by said user identifier;
Transport module is applicable to said encrypted validation record is transferred to said client node; And
Authentication module is applicable to the information of use from the said deciphering of said client node, and checking is to the access of the data in the said distributed file system.
Preferably, client node further is applicable to and uses hash to generate user identifier.
Preferably, authentication module further is applicable to through carrying out digital signature with user identifier and verifies access.
The user identifier of preferably, being signed is used as the session pass so that client node is verified a plurality of accesses of distributed file system.
Preferably, deciphering module further is applicable to from the address of first chunk distributed file system of confirming the record data decryption and deciphers, and authentication module further is applicable to through confirming that first chunk verifies access in the existence at this place, address.
Preferably, client node is applicable to that further the content of using first chunk obtains more multi-block from distributed file system.
According to a third aspect of the invention we, at least one computer program that comprises program command is provided, has been used to make the method for at least one computer realization according to first aspect.
Preferably, at least one computer program is implemented on recording medium or the read-only memory, is stored at least one computer storage, or is carried on the electrical carrier signal.
Brief Description Of Drawings
Only present invention is described through embodiment with reference to accompanying drawing, wherein:
Fig. 1 illustrates the peer-to-peer network according to an embodiment of the invention with schematic form; And
Fig. 2 illustrates the flow chart according to the checking of preferred implementation of the present invention.
Embodiment
With reference to figure 1, show the peer-to-peer network 2 that node 4 to 12 is linked to each other through communication network 14.These nodes can be any miscellaneous equipments that personal computer (PC) maybe can realize operating the processing of wanting required for the present invention, communication and/or storage operation.File system will be usually has more, all types of nodes than shown in Figure 1, and PC can be used as the node of one or more types described herein.Back end 4 and 6 is stored in file chunk 16 in the distributed file system.Confirm that record node 8 has memory module 18, memory module 18 is used for the affirmation record of storage encryption, and this encrypted validation record is discerned by user identifier.
With reference to figure 2; On chart, show the more detailed flow process of the present invention's operation; 40 show the step of locating to carry out at user PC (client node) in the left side, show the step that check PC (node) carries out middle 42, and 44 show the step that data PC (node) carries out on the right side.
Landing frame is by 46 expressions, and it needs user's email address (identical with the email address that is used for installation of client node software and registration process) and PIN number of user.If the user is " main user ", then some details is stored on the PC.If the user is the visitor, landing frame then appears.
According to these two data item, create 160 long content hash number in step 48, for example, SHA (SHA).Should " hash " is current be called " ID keyword ", like this, will be somebody's turn to do " hash " and classify as " untested " ID keyword in the system.
In step 50, the software on the user PC will this untested ID keyword and ' hello ' grouping of bits of standard, to create " hello.Packet " in step 52.On the internet this hello.Packet is being transmitted with validity regularly together then.
First node (in this specification, being called as " check node ") will obtain hello.Packet; When the ID key element of hello.Packet with in its storage area, stored, when the encrypted validation record file matees 56; In step 54, the ID key element of this hello.Packet of first node identification.The login attempt supervisory control system is guaranteed maximum cubic responses.After repeatedly attempting, check PC creates " blacklist ", is used to transfer to reciprocity PC.Alternatively,, then warning is returned to the user, and can require the user to carry out the virus detection if found " blacklist " login.
Then, the check node returns to the user through the Internet with the encrypted validation record file.In step 58, the pass phrase by dialog box 60 request users will allow this affirmation log file is deciphered then.
When will confirm the log file deciphering in step 62 after; Extract the detailed content of first data chunks that comprises " address of deciphering " in step 64; In step 66, user PC sends it back the check node with request, and first " file-chunk ID " that is used to this check node is located " address of deciphering " initiated inquiry; Wherein, should " address of deciphering " extract affirmation log file from deciphering.
The check node is taken on " via node ", and this " file-chunk ID " initiation " only notice " that " address of deciphering " located is inquired about.
Suppose that some other node (being called as " back end " in this embodiment) discerned this request and sent it back effectively " only notice " message in step 70 in step 68; So; " file-chunk ID " corresponding to the request of being sent by the check node exists really; Check node to carry out digital signature with initial ID keyword then, then it is sent it back to the user in step 72.
In step 74, in case the user receives the ID keyword, the ID keyword of this empirical tests then is used as user's the session pass.In step 76, this user PC continues on network, to construct the database of the file system of being supported by the user.This database description constitute the position of all chunks of user's file system.
The further details of this execution mode is described below.Point-to-point channel through encrypting adopts " agency-control " hand shake procedure, to guarantee that the legal owner is to system, to user's file storage database, carry out authorized access to file as herein described." hash of untested encryption " that is called " ID keyword " through generation; Initiate to shake hands check from the PC (" user PC ") of user's login; Preferably, should " ID keyword " be to create according to the email address and the PIN number thereof of user's registration.Should " hash " conduct " hello.packet " on the internet transmission, then should " hash " by this ID being identified as any system that the particular data preserved with this system is associated obtains.This PC becomes " check PC " and will in proof procedure, at first get into " gateway " of system as user PC then.Encrypted entry by the data of checking PC to preserve will be used as " confirming record " temporarily; The specific address that the encrypted entry of these data directly is associated and preserves the mass data chunk that belongs to this user with user identifier, this mass data chunk is arranged in the other places of this equity distributed file system.This " affirmation record " returned to user PC be used for deciphering, expectation only has legal users that the customizing messages of the accurate deciphering of being somebody's turn to do " confirming record " with allowing can be provided.
After successful deciphering, user PC extracts the address and the name of first data chunks from inspection record, and with its with request checking should " data chunks " existence on the PC of particular addressed request send it back and check PC.When " data PC " to this " data access test " when making positive response, check PC signs with the ID keyword and passes it back to user PC.This operational notification user PC, this user can carry out the full powers access to this system, so first operation is the individual database that obtains the user.
Should be noted that in this execution mode if at first do not set up the channel of encryption, for example TLS (Transport Layer Security) or SSL (SSL) then can not realize communication through any node.Equal end engages in the dialogue through channel and another the equal end of encrypting, other equal end (acting server) solicited message (for example, being used to ask some spaces with preservation information or acquisition request file).In proof procedure, between all equal ends at each communication ends place, form the link of encrypting, and form the link of encrypting through acting server.This has forbidden that effectively the prier surveys who and who dialogue and transmission or what has obtained.The initial handshake that is used for self verifying also realizes through the link of encrypting.
Current node through authentication provides safe connection; Mode need not interfere realizes; Each node all passes through another node verification; Which kind of reason (fraud detection, spy on or spy on any invalid algorithm of catching this node from arbitrary node) no matter, invalid event or data all will make the link of being created by this node invalid arbitrarily.This is fully transparent to the user.
Can add further modification and improvement, and not deviate from scope of the present invention as herein described.
Claims (14)
1. one kind is used for method that the access of distributed document serverless backup system is verified, and it may further comprise the steps:
Receive user identifier;
Obtain encrypted validation record, said encrypted validation record is discerned by said user identifier;
Said encrypted validation record is deciphered, thereby the information of deciphering is provided; And
Use the information of said deciphering that the access of the data in the said distributed file system is verified.
2. the node of carrying out said reception on the method for claim 1, wherein said distributed file system, obtaining with verification step is different from the node of carrying out said decryption step.
3. like the described method of arbitrary claim in claim 1 or 2, said method further comprises the step of using hash to generate said user identifier.
4. like the described method of aforementioned arbitrary claim, wherein said user identifier is unique, and is applicable to the affirmation record that identification is unique.
5. like the described method of aforementioned arbitrary claim, wherein said verification step further comprises the step of carrying out digital signature with said user identifier.
6. method as claimed in claim 5, wherein, said method further comprises the user identifier of being signed as the session pass, with a plurality of visits of checking to said distributed file system.
7. like the described method of aforementioned arbitrary claim; Wherein said decryption step comprises deciphers the address of first chunk in said distributed file system of data, and said verification step further comprises confirms the step of said first chunk in the existence at place, said address.
8. method as claimed in claim 7, wherein said method comprise that further the content of using said first chunk obtains more multi-block step from said distributed file system.
9. distributed file system, it comprises:
Memory module is applicable to the affirmation record of storage encryption;
Client node, it comprises deciphering module, said deciphering module is applicable to be deciphered encrypted validation record, thereby the information of deciphering is provided; And
The check node, it comprises:
Receiver module, said receiver module is applicable to the reception user identifier;
Acquisition module is applicable to from said memory module and obtains encrypted validation record that said encrypted validation record is discerned by said user identifier;
Transport module is applicable to said encrypted validation record is transferred to said client node; And
Authentication module is applicable to the information of use from the said deciphering of said client node, and checking is to the access of the data in the said distributed file system.
10. distributed file system as claimed in claim 9, wherein said client node further are applicable to uses hash to generate said user identifier.
11. like claim 9 or 10 described distributed file systems, wherein said authentication module further is applicable to through carrying out digital signature with said user identifier verifies access.
12. distributed file system as claimed in claim 11, the user identifier of wherein being signed is used as the session pass, to verify a plurality of accesses of said client node to said distributed file system.
13. like the described distributed file system of arbitrary claim in the claim 9 to 12; Wherein said deciphering module further is applicable to be deciphered the address of first chunk in said distributed file system from said affirmation data recorded, and said authentication module further is applicable to through confirming that said first chunk verifies access in the existence at place, said address.
14. distributed file system as claimed in claim 13, wherein said client node are applicable to that further the content of using said first chunk obtains more multi-block from said distributed file system.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| GBGB0613235.1A GB0613235D0 (en) | 2006-07-04 | 2006-07-04 | File system authentication |
| GB0613235.1 | 2006-07-04 |
Related Parent Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200780025361XA Division CN101496019B (en) | 2006-07-04 | 2007-06-11 | Method for access authentication for distributed file system and distributed file system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102510370A true CN102510370A (en) | 2012-06-20 |
| CN102510370B CN102510370B (en) | 2014-11-26 |
Family
ID=36888580
Family Applications (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201110291532.1A Expired - Fee Related CN102510370B (en) | 2006-07-04 | 2007-06-11 | Authentication method for accessing files stored on distributed file system and distributed file system |
| CN200780025361XA Expired - Fee Related CN101496019B (en) | 2006-07-04 | 2007-06-11 | Method for access authentication for distributed file system and distributed file system |
Family Applications After (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200780025361XA Expired - Fee Related CN101496019B (en) | 2006-07-04 | 2007-06-11 | Method for access authentication for distributed file system and distributed file system |
Country Status (8)
| Country | Link |
|---|---|
| US (1) | US8386786B2 (en) |
| EP (1) | EP2038792B1 (en) |
| CN (2) | CN102510370B (en) |
| AT (1) | ATE520090T1 (en) |
| AU (1) | AU2007270991B2 (en) |
| CA (1) | CA2659886C (en) |
| GB (3) | GB0613235D0 (en) |
| WO (1) | WO2008003923A1 (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2015176461A1 (en) * | 2014-05-22 | 2015-11-26 | 中兴通讯股份有限公司 | File access processing method, file access method, and device for distributed file system |
Families Citing this family (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8555069B2 (en) * | 2009-03-06 | 2013-10-08 | Microsoft Corporation | Fast-reconnection of negotiable authentication network clients |
| US8453257B2 (en) * | 2009-08-14 | 2013-05-28 | International Business Machines Corporation | Approach for securing distributed deduplication software |
| WO2011072733A1 (en) * | 2009-12-16 | 2011-06-23 | Telefonaktiebolaget L M Ericsson (Publ) | Dynamic application charging identification |
| US20190095101A1 (en) | 2010-08-02 | 2019-03-28 | International Business Machines Corporation | Authenticating a credential in a dispersed storage network |
| US10162524B2 (en) | 2010-08-02 | 2018-12-25 | International Business Machines Corporation | Determining whether to compress a data segment in a dispersed storage network |
| US8842746B2 (en) * | 2010-08-02 | 2014-09-23 | Cleversafe, Inc. | Receiving encoded data slices via wireless communication |
| US10623409B2 (en) * | 2012-03-23 | 2020-04-14 | Irdeto B.V. | Controlling access to IP streaming content |
| US9276973B2 (en) * | 2013-03-29 | 2016-03-01 | Philip Scott Lyren | Peer-to-peer data storage |
| CN107094080B (en) | 2016-02-12 | 2020-07-17 | 东芝存储器株式会社 | Communication device |
| US9922199B2 (en) * | 2016-02-18 | 2018-03-20 | Bank Of America Corporation | Document security tool |
| US10277623B2 (en) * | 2016-03-18 | 2019-04-30 | AppBugs, INC. | Method of detection of comptromised accounts |
| US11681445B2 (en) | 2021-09-30 | 2023-06-20 | Pure Storage, Inc. | Storage-aware optimization for serverless functions |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5481720A (en) * | 1989-05-15 | 1996-01-02 | International Business Machines Corporation | Flexible interface to authentication services in a distributed data processing environment |
| WO2001013201A2 (en) * | 1999-08-12 | 2001-02-22 | Sarnoff Corporation | Peer-to-peer network user authentication protocol |
| US6230269B1 (en) * | 1998-03-04 | 2001-05-08 | Microsoft Corporation | Distributed authentication system and method |
| US20030065777A1 (en) * | 2001-10-03 | 2003-04-03 | Nokia Corporation | System and method for controlling access to downloadable resources |
Family Cites Families (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO1995024698A1 (en) | 1992-10-14 | 1995-09-14 | Cp8 Transac | A secure memory card |
| US5299263A (en) | 1993-03-04 | 1994-03-29 | Bell Communications Research, Inc. | Two-way public key authentication and key agreement for low-cost terminals |
| AU6522200A (en) | 1999-08-06 | 2001-03-05 | Sarnoff Corporation | Network user authentication protocol |
| WO2002065329A1 (en) * | 2001-02-14 | 2002-08-22 | The Escher Group, Ltd. | Peer-to peer enterprise storage |
| US20030115251A1 (en) * | 2001-02-23 | 2003-06-19 | Fredrickson Jason A. | Peer data protocol |
| US7523490B2 (en) * | 2002-05-15 | 2009-04-21 | Microsoft Corporation | Session key security protocol |
| US7392375B2 (en) * | 2002-09-18 | 2008-06-24 | Colligo Networks, Inc. | Peer-to-peer authentication for real-time collaboration |
| US8015211B2 (en) * | 2004-04-21 | 2011-09-06 | Architecture Technology Corporation | Secure peer-to-peer object storage system |
| US20060206616A1 (en) * | 2005-03-14 | 2006-09-14 | Gridiron Software, Inc. | Decentralized secure network login |
| US20060277092A1 (en) * | 2005-06-03 | 2006-12-07 | Credigy Technologies, Inc. | System and method for a peer to peer exchange of consumer information |
-
2006
- 2006-07-04 GB GBGB0613235.1A patent/GB0613235D0/en not_active Ceased
-
2007
- 2007-06-11 EP EP07733175A patent/EP2038792B1/en active Active
- 2007-06-11 AT AT07733175T patent/ATE520090T1/en not_active IP Right Cessation
- 2007-06-11 WO PCT/GB2007/002166 patent/WO2008003923A1/en active Application Filing
- 2007-06-11 CA CA2659886A patent/CA2659886C/en not_active Expired - Fee Related
- 2007-06-11 CN CN201110291532.1A patent/CN102510370B/en not_active Expired - Fee Related
- 2007-06-11 AU AU2007270991A patent/AU2007270991B2/en not_active Ceased
- 2007-06-11 GB GB0900909A patent/GB2454602B/en active Active
- 2007-06-11 GB GB0823625A patent/GB2453077B/en active Active
- 2007-06-11 US US12/307,203 patent/US8386786B2/en active Active
- 2007-06-11 CN CN200780025361XA patent/CN101496019B/en not_active Expired - Fee Related
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5481720A (en) * | 1989-05-15 | 1996-01-02 | International Business Machines Corporation | Flexible interface to authentication services in a distributed data processing environment |
| US6230269B1 (en) * | 1998-03-04 | 2001-05-08 | Microsoft Corporation | Distributed authentication system and method |
| WO2001013201A2 (en) * | 1999-08-12 | 2001-02-22 | Sarnoff Corporation | Peer-to-peer network user authentication protocol |
| US20030065777A1 (en) * | 2001-10-03 | 2003-04-03 | Nokia Corporation | System and method for controlling access to downloadable resources |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2015176461A1 (en) * | 2014-05-22 | 2015-11-26 | 中兴通讯股份有限公司 | File access processing method, file access method, and device for distributed file system |
Also Published As
| Publication number | Publication date |
|---|---|
| AU2007270991B2 (en) | 2012-09-20 |
| CN102510370B (en) | 2014-11-26 |
| GB2454602B (en) | 2009-10-07 |
| GB2453077A8 (en) | 2009-04-08 |
| CN101496019B (en) | 2012-07-18 |
| CA2659886A1 (en) | 2008-01-10 |
| GB2453077B (en) | 2011-02-16 |
| CN101496019A (en) | 2009-07-29 |
| WO2008003923A1 (en) | 2008-01-10 |
| GB2453077A (en) | 2009-03-25 |
| AU2007270991A1 (en) | 2008-01-10 |
| GB0823625D0 (en) | 2009-02-04 |
| US20100037060A1 (en) | 2010-02-11 |
| CA2659886C (en) | 2017-05-09 |
| GB0613235D0 (en) | 2006-08-09 |
| EP2038792A1 (en) | 2009-03-25 |
| GB2454602A (en) | 2009-05-13 |
| GB0900909D0 (en) | 2009-03-04 |
| ATE520090T1 (en) | 2011-08-15 |
| US8386786B2 (en) | 2013-02-26 |
| EP2038792B1 (en) | 2011-08-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101496019B (en) | Method for access authentication for distributed file system and distributed file system | |
| CN1767507B (en) | System and method for verifying messages | |
| CN101682612B (en) | Controlled activation of function | |
| US11184336B2 (en) | Public key pinning for private networks | |
| US20130061049A1 (en) | Distributed network system | |
| US20050187966A1 (en) | Data communicating apparatus, data communicating method, and program | |
| US9300639B1 (en) | Device coordination | |
| CN106372499A (en) | Systems and methods for securing virtual machine computing environments | |
| CN108701308B (en) | System for issuing public certificate based on blockchain, and method for issuing public certificate based on blockchain using same | |
| US11962698B2 (en) | Token node locking with fingerprints authenticated by digital certificates | |
| US20230037520A1 (en) | Blockchain schema for secure data transmission | |
| US9160538B2 (en) | Detection method for fraudulent mail, detection program therefor, and detection device therefor | |
| CN106529216B (en) | Software authorization system and software authorization method based on public storage platform | |
| CN110708156B (en) | Communication method, client and server | |
| CN114726606B (en) | User authentication method, client, gateway and authentication server | |
| KR102357595B1 (en) | Blockchain-based authentication system and method for preventing interception hacking attacks | |
| CN114499975A (en) | Method for verifying login server, server and storage medium | |
| CN112733166A (en) | license authentication and authorization function realization method and system | |
| JP4543789B2 (en) | Certificate verification information management method based on transactions | |
| Li et al. | Public key based authentication for secure integration of sensor data and RFID | |
| CN117407437A (en) | Block chain-based data processing method, equipment and readable storage medium | |
| Li et al. | Multi-domain rfid access control using asymmetric key based tag-reader mutual authentication | |
| WO2022026965A1 (en) | Device fingerprint encoding component attributes | |
| Yildiz | Maturing the Distribution of Supportive Tasks in Web Service Framework: Security and Reliability |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 1167950 Country of ref document: HK |
|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| ASS | Succession or assignment of patent right |
Owner name: MAIDSAFE LTD. Free format text: FORMER OWNER: DAVID IRVINE Effective date: 20150115 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20150115 Address after: Ayrshire UK Patentee after: MAIDSAFE NET LTD. Address before: Ayrshire UK Patentee before: Irvine David |
|
| REG | Reference to a national code |
Ref country code: HK Ref legal event code: WD Ref document number: 1167950 Country of ref document: HK |
|
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20141126 Termination date: 20210611 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |